fbpx

Download free GDPR compliance checklist!

Tag Archives for " data breach "

£100 million data breach claim against Equifax

North West based data breach and cybersecurity specialist Hayes Connor Solicitors is the first in the UK to serve a representative data breach claim in the High Court.

The action could see Equifax ordered to pay up to £100 million in compensation to its estimated 15 million UK customers affected by its 2017 data breach.

The action follows the Court of Appeal’s decision on the Lloyd v Google case on 2nd October which ruled that a law firm could bring a claim for compensation for just one affected individual following a data breach and be awarded compensation for the entire affected population.

Source: Hayes Connor issues landmark £100 million data breach claim against Equifax | Business Up North

Former Yahoo! engineer hacked user emails for smutty snaps

Former Yahoo! software engineer has pleaded guilty in a California federal court to one count of computer intrusion after breaking into customers’ Yahoo! emails and accounts at other service providers to obtain private data, mainly sexual images and videos of account holders.

He abused his internal access at Yahoo! to hack into about 6,000 accounts in May and June last year. He then used the information he obtained to compromise other online services used by Yahoo! customers, such as Dropbox, Facebook, Gmail, and iCloud.

Source: Former! Yahoo! engineer! admits! to! hacking! user! emails! for! smutty! snaps! • The Register

Over 50% of companies have experienced a data breach

New research by Bitdefender discovered that 24% of companies have already suffered a data breach halfway through 2019.

While 57% of companies have experienced a data breach during the last years, 36% of infosec professionals stated that their companies could likely be facing a breach without knowing about it.

The security firm conducted a survey of more than 6,000 infosecurity professionals from organisations across the US, EMEA and APAC.

Source: #Privacy: Over 50% of companies have experienced a data breach

Non-disclosure of Data Breaches Negatively Affects Acquisitions and Mergers

A recent study has shown that a company’s cybersecurity program, and how it has handled any history of data breaches, has a significant impact on its monetary sales value.

The report, by (ISC)2, asked 250 US-based mergers and acquisitions experts looking at the importance of a company’s cybersecurity program, and how much of an impact its breach history has on its valuation ahead of a potential acquisition.

Their findings revealed that 49% of those experts have seen deals completely derailed after due diligence brought an undisclosed breach to light. Furthermore, 86% of respondents said that if a company publicly reported a breach of customer or other critical data in its past, it would detract from the allocated acquisition price.

Source: #SECURITY: Non-disclosure of Data Breaches Negatively Affects Acquisitions and Mergers

Polish DPA imposes €645,000 fine for insufficient organisational and technical safeguards

The President of the Personal Data Protection Office imposed a fine of an amount higher than PLN 2.8 million (ca. 645,000 euros) on Morele.net.

The company’s organisational and technical measures for the protection of personal data were not appropriate to the risk posed by the processing of personal data, which means that data of about 2.2 million people have fallen into the wrong hands.

Source: Polish DPA imposes €645,000 fine for insufficient organisational and technical safeguards

Major breach found in biometrics system used by banks, UK police and defence firms

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

Suprema is the security company responsible for the web-based Biostar 2 biometrics lock system that allows centralised control for access to secure facilities like warehouses or office buildings. Biostar 2 uses fingerprints and facial recognition as part of its means of identifying people attempting to gain access to buildings.

Recently Biostar 2 platform was integrated into another access control system – AEOS, that is used by 5,700 organisations in 83 countries, including governments, banks and the UK Metropolitan police. In a search last week, the researchers found Biostar 2’s database was unprotected and mostly unencrypted.

Source: Major breach found in biometrics system used by banks, UK police and defence firms | Technology | The Guardian

Data breach activity at its worst in 2019

A new report by Risk Based Security says that 2019 is on track to being the “worst year on record” for data breach activity.

The 2019 Midyear Quickview Data Breach Report from Risk Based Security reports the number of data breaches is already up by 54% over last year, with half the year left to go.

Source: #privacy: Data breach activity at its worst in 2019, report finds

Study highlights greater risks run by small businesses that suffer a data breach

Almost a third of consumers have said that a small business would lose their loyalty in the event of a data breach.

While no business is free from the risk of cyber-crime, larger organisations are usually more able to deal with data breach incidents, as they typically have greater finances, IT resources and expertise to invest into cyber-combat and breach recovery.

Source: #privacy: Study highlights greater risks run by small businesses that suffer a data breach

Why Bringing Data Privacy Management To The Board Level Will Reduce Data Breaches

Learning from recent breaches and the need for a greater understanding of privacy in the enterprise, it’s time for companies to take a new, proactive approach to data management.

Making data privacy decisions in a silo is no longer enough. Organizations must now implement robust data privacy practices that also involve their board members on an operational and technical level to protect themselves and their customers’ well-being.

Source: Council Post: Why Bringing Data Privacy Management To The Board Level Will Reduce Data Breaches

Facebook confirms 419m phone numbers exposed in latest privacy lapse

Hundreds of millions of Facebook users’ phone numbers were exposed in an open online database, the company confirmed Wednesday.

More than 419m Facebook IDs and phone numbers were stored in an online server that was not password protected. The dataset included about 133m records for users in the US, 18m records for users in the UK and 50m records for users in Vietnam.

Source: Facebook confirms 419m phone numbers exposed in latest privacy lapse | Technology | The Guardian

>